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WHAT IS CLAIMED IS: 

1 . A sequence number checker, comprising: 

a bit map memory storing a first multiple level bit map representing a first 
sequence number of a first packet received by said sequence number checker; and 

a processor to compute a second multiple level bit map representing a 
second sequence number of a second packet received by said sequence number checker 
subsequent to said first packet, said second multiple level bit map being compared to said 
first multiple level bit map to produce a result indicating actions to be performed on said 
second packet. 

2. The sequence number checker according to claim 1 , further comprising: 
a window controller to maintain a sliding window representing a range of 

sequence numbers; and 

a window memory storing a bottom value and a top value for said sliding 

window. 

3. The sequence number checker according to claim 2, wherein said range of 
sequence numbers is a fixed size. 

4. The sequence number checker according to claim 2, wherein said range of 
sequence numbers has a variable sized based upon characteristics of a security 
association. 
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5. The sequence number checker according to claim 1 , wherein said bit map 
memory further comprises: 

a partition assigned to said security association. 

6. A method of maintaining a window of valid sequence numbers, comprising: 
determining characteristics of a security association; and 

setting a bottom value and a top value to define a window having a variable 
size based on said characteristics of said security association. 

receiving a sequence number for a packet; 

comparing said sequence number to said window; 

setting a new top value equal to said sequence number if said sequence 
number is greater than the said top value; and 

setting a new bottom value based on said new top value. 
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7. A method for maintaining a window of valid sequence numbers, comprising: 

setting a bottom value and a top value to define a window; 

receiving a sequence number for a packet; 

comparing said sequence number to said window; 

setting at least one summary bit in a multiple level bitmap, to set a new top 
value, if said sequence number is greater than said top value, wherein said at least one 
summary bit indicates a validity of a contiguous range of bits within said multiple level 
bitmap; and 

setting a new bottom value based on said new top value. 



8. A method for checking sequence numbers, comprising: 
receiving a sequence number for a packet; 
converting said sequence number to a first multiple level bit map; 
retrieving a second multiple level bit map stored in a bit map memory; 
dividing said first multiple level bit map into a first plurality of summary bits; 
dividing said second multiple level bit map into a second plurality of summary 

bits; and 

comparing said first and second plurality of summary bits to produce a result 
indicating validity of said sequence number. 



31 



EXPRESS MAIL NO. EK752734482US PATENT 

Atty. Docket No. 00-4058 

9. The method according to claim 8, wherein said comparing step further 
comprises: 

setting a value for at least one of said second plurality of summary bits based 
on said result; and 

setting a range of contiguous bits in said second multiple level bit map based 
on said result. 

10. The method according to claim 9, wherein setting said range of contiguous 
bits in said second multiple level bit map comprises setting said range of contiguous bits to 
a value of 0 when at least one of said second plurality of summary bits changes from a 
value of 0 to a value of 1 . 

1 1 . The method according to claim 9, further comprising: 

passing said packet upon producing a result indicating said sequence number 

is valid. 

1 2. The method according to claim 9, further comprising: 

discarding said packet upon producing a result indicating said sequence 
number is invalid. 
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13. An apparatus for maintaining a window of valid sequence numbers, 

comprising: 

means for setting a bottom value and a top value to define a window; 

means for receiving a sequence number for a packet; 

means for comparing said sequence number to said window; 

means for setting at least one summary bit in a multiple level bitmap, to set a 
new top value, if said sequence number is greater than said top value, wherein said at least 
one summary bit indicates a validity of a contiguous range of bits within said multiple level 
bitmap; and 

means for setting a new bottom value based on said new top value. 



14. An apparatus for checking sequence numbers, comprising: 
means for receiving a sequence number for a packet; 
means for converting said sequence number to a first multiple level bit map; 
means for retrieving a second multiple level bit map stored in a bit map 

memory; 

means for dividing said first multiple level bit map into a first plurality of 
summary bits; 

means for dividing said second multiple level bit map into a second plurality of 
summary bits; and 

means for comparing said first and second plurality of summary bits to 
produce a result indicating validity of said sequence number. 
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